A smartcard is a typically credit-card sized plastic case with an embedded microprocessor chip that offers a variety of services, varying from simple secure data storage to sophisticated cryptographic services. Smartcards are becoming increasingly used for purposes of authentication and authorization of the person carrying the card, storing information of a personalized nature, and storing values.
The smartcard life cycle always starts with a personalization. Personalization of a smartcard is the process of creating and initializing smartcard objects such as directories, files, passwords, and cryptographic keys on the smartcard for future use by one or more applications. Passwords by convention are often of numerical form, known as personal identification numbers. Files include data files of arbitrary format as well as files of standardized format such as password files, which hold one or several passwords, or cryptographic key files, which hold one or more cryptographic keys. Personalization is usually performed by the manufacturer or card-issuing authority before shipping the smartcard to the end-user. The personalization of a smartcard can be formally described by a personalization profile, which defines the required smartcard objects and attributes.
Using a single smartcard for multiple applications is desirable to the end-user, who can perform multiple functions without having to carry multiple smartcards. It is also economical because it helps to prevent waste of smartcards. Further benefits arise when multiple applications can share information on the smartcard, such as the same password, the same cryptographic key, or the user's bank account information.
However, despite the benefits use of a single smartcard for multiple applications is rare today, especially for applications supplied by multiple parties. Different applications that are not carefully coordinated may require mutually incompatible personalization profiles. Trying to apply a personalization profile for an application to a smartcard that has already been personalized for another application carries the risk of failure and loss of the smartcard if the personalization profiles are incompatible.
Prior efforts have been made to facilitate the use of multiple applications with a smartcard. Smartcard manufacturers today usually provide pre-personalized smartcards and a smartcard access layer, which hard-codes the smartcard structure expected by a pre-defined application interface. Multiple applications can access the same smartcard within the confines of a pre-defined interface and smartcard structure.
The Public Key Cryptography Standard #15 describes a standard for the format of cryptographic credentials stored on cryptographic tokens, of which smartcards are a special case. The standard specifies a limited set of smartcard objects and hard-codes the names of the objects, which need to be used by applications compatible with the standard.
For smartcards comprising a Java virtual machine, support for loading multiple Java applications on the card is available. However, the support applies to Java applications or applets running on the card and not to the smartcard objects such as directories, password files, or cryptographic keys.